Britain launches a £210 million cyber strategy to protect public services, strengthen supply chains, and prepare government systems for escalating AI-driven attacks.
The UK Government has unveiled a £210 million cyber action plan aimed at protecting online public services and safeguarding citizens’ data as more government functions move online.
The initiative aims to enhance cyber defenses across departments, expedite responses to attacks, and support a comprehensive digitization effort that officials claim could yield up to £45 billion in productivity gains by reducing paperwork, shortening queues, and streamlining access to public services.
The plan will be driven by a newly established Government Cyber Unit, tasked with rapidly improving cyber resilience across central government and the wider public sector. Officials said the effort is designed to ensure public trust as citizens increasingly rely on digital channels to access essential services.
The strategy underpins broader government ambitions to digitise public services, enabling people to access support online without repeatedly submitting the same information to multiple departments. If implemented effectively, ministers argue, technology-led reform across the public sector could generate savings of up to £45 billion.
Also Read: Why Seasonal Hiring Puts Data Security at Risk
The announcement coincided with the second reading of the Cyber Security and Resilience Bill in the House of Commons. The legislation sets clearer expectations for companies supplying services to the government, strengthening their cyber resilience. That includes organisations across critical infrastructure, from energy and water providers to healthcare systems and data centres.
Officials said stronger defences throughout government supply chains are essential to protecting essential services and countering cyber threats that could disrupt daily life.
The plan also emphasises improved visibility into cyber risks, stronger cross-departmental coordination on complex threats, and faster incident response, with targeted measures to close major security gaps.
Ian Murray, the minister for digital government, said cyber attacks could disable vital public services “in minutes.”
“This plan sets a new bar to bolster the defences of our public sector,” he said, adding that it would put cyber criminals on notice that the government is moving “further and faster” to protect both public services and businesses. “This is how we keep people safe, services running, and build a government the public can trust in the digital age.”
As part of the initiative, the government is launching a Software Security Ambassador Scheme to promote adoption of its Software Security Code of Practice, a voluntary framework designed to reduce software supply-chain attacks.
Major technology and financial services firms, including Cisco, Palo Alto Networks, Sage, Santander and NCC Group, will serve as ambassadors, advocating for the code, demonstrating practical implementation, and feeding back into future policy development.
Also Read: The Unified Security Approach MSPs Need Now
Thomas Harvey, chief information security officer at Santander UK, said participation reflected a commitment to collective resilience. “By advocating for these standards, we’re not just protecting Santander and our customers—we’re helping to build a more secure digital economy for everyone,” he said.
Yet industry experts warn that the threat landscape is worsening. Jason Soroko, senior fellow at Sectigo, described 2025 as “brutal” for cyber defence and predicted that 2026 would be worse.
“Attackers are now deploying AI at a speed defenders simply haven’t matched,” he said, calling it a growing asymmetry. Soroko argued that many organisations still fail to adopt basic protections, such as stronger authentication, likening the reluctance to “refusing to put better locks on the doors.”
While passwordless technologies are increasingly important, he warned that passkeys remain difficult to deploy in large, centralised enterprise environments, leaving “gaps everywhere.” The result, he said, is a familiar but accelerating cycle: rising ransomware payments, expanding attack surfaces, and security teams struggling to keep pace.
Looking ahead, Soroko predicted that 2026 would mark the first publicly acknowledged material breach of a Fortune 500 company caused by prompt injection attacks against large language model–integrated systems.
“Adversaries will learn how to coerce those models into executing harmful internal commands or leaking sensitive data,” he said, warning that the industry still underestimates the risk. Defending against such threats, he argued, will require new approaches, including model-signing and treating smaller AI models with the same rigor as firmware.
“Anything less,” he said, “leaves enterprises dangerously exposed.”
